package com.tc.shiro.filter;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

/**
 * 判断是否记住我，和是否登录
 * 其他作用无
 */
public class CustomFormAuthenticationFilter extends FormAuthenticationFilter {

	// 原FormAuthenticationFilter的认证方法
	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
		Subject subject = getSubject(request, response);  //此处获取登录信息，判断线程是否存在，如果不存在那么判断是否记住密码
		if (subject.getPrincipal() == null) {//主角是否为空
			// 没登录
			request.getRequestDispatcher("/api/operator/unLogin").forward(request, response);
			return false;
		}
		return super.onAccessDenied(request, response);
	}

}